package com.mulesoft.connectors.sharepoint.internal.utils;

import com.mulesoft.connectors.sharepoint.api.ProxySettings;
import com.mulesoft.connectors.sharepoint.internal.error.exception.UnableToCreateHttpClientException;
import com.mulesoft.connectors.sharepoint.internal.service.security.kerberos.SharepointSPNegoSchemeFactory;
import com.mulesoft.connectors.sharepoint.internal.service.utils.http.interceptor.RequestSharepointMultiAuthHeader;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import jcifs.ntlmssp.Type1Message;
import jcifs.ntlmssp.Type2Message;
import jcifs.ntlmssp.Type3Message;
import jcifs.util.Base64;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScheme;
import org.apache.http.auth.AuthSchemeProvider;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.NTCredentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.auth.NTLMEngine;
import org.apache.http.impl.auth.NTLMEngineException;
import org.apache.http.impl.auth.NTLMScheme;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.protocol.HttpContext;
import org.apache.http.ssl.SSLContextBuilder;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/mulesoft/connectors/sharepoint/internal/utils/HttpClientFactory.class */
public class HttpClientFactory {
    private static final String INVALID_ENCRYPTION_ALGORITHM = "Invalid encryption algorithm.";
    private static final String UNABLE_TO_HANDLE_KEYSTORE = "Unable to handle keystore.";
    private static final String UNABLE_TO_HANDLE_SECURITY_KEYS = "Unable to handle security keys.";
    private static final Logger logger = LoggerFactory.getLogger(HttpClientFactory.class);

    /* loaded from: input_file:com/mulesoft/connectors/sharepoint/internal/utils/HttpClientFactory$JCIFSEngine.class */
    private final class JCIFSEngine implements NTLMEngine {
        public static final String INVALID_NTLM_TYPE_2_MESSAGE = "Invalid NTLM type 2 message";
        private static final int TYPE_1_FLAGS = -1610055131;

        private JCIFSEngine() {
        }

        @Override // org.apache.http.impl.auth.NTLMEngine
        public String generateType1Msg(String str, String str2) throws NTLMEngineException {
            return Base64.encode(new Type1Message(TYPE_1_FLAGS, str, str2).toByteArray());
        }

        @Override // org.apache.http.impl.auth.NTLMEngine
        public String generateType3Msg(String str, String str2, String str3, String str4, String str5) throws NTLMEngineException {
            try {
                Type2Message type2Message = new Type2Message(Base64.decode(str5));
                return Base64.encode(new Type3Message(type2Message, str2, str3, str, str4, type2Message.getFlags() & (-196609)).toByteArray());
            } catch (IOException e) {
                throw new NTLMEngineException(INVALID_NTLM_TYPE_2_MESSAGE, e);
            }
        }
    }

    /* loaded from: input_file:com/mulesoft/connectors/sharepoint/internal/utils/HttpClientFactory$JCIFSNTLMSchemeFactory.class */
    private class JCIFSNTLMSchemeFactory implements AuthSchemeProvider {
        private JCIFSNTLMSchemeFactory() {
        }

        public AuthScheme create(HttpContext httpContext) {
            return new NTLMScheme(new JCIFSEngine());
        }
    }

    public CloseableHttpClient createForNTLM(boolean z, ProxySettings proxySettings) {
        HttpClientBuilder createHttpClientBuilder = createHttpClientBuilder(z, proxySettings);
        createHttpClientBuilder.addInterceptorFirst(new RequestSharepointMultiAuthHeader());
        createHttpClientBuilder.setDefaultAuthSchemeRegistry(RegistryBuilder.create().register("NTLM", new JCIFSNTLMSchemeFactory()).build());
        return createHttpClientBuilder.build();
    }

    public CloseableHttpClient create(boolean z, ProxySettings proxySettings) {
        return createHttpClientBuilder(z, proxySettings).build();
    }

    @NotNull
    public HttpClientBuilder createHttpClientBuilder(boolean z, ProxySettings proxySettings) {
        HttpClientBuilder defaultRequestConfig = HttpClients.custom().useSystemProperties().setDefaultRequestConfig(RequestConfig.custom().setConnectTimeout(120000).setConnectionRequestTimeout(120000).setSocketTimeout(120000).build());
        addProxySettings(proxySettings, defaultRequestConfig);
        if (z) {
            try {
                SSLContextBuilder sSLContextBuilder = new SSLContextBuilder();
                sSLContextBuilder.loadTrustMaterial((KeyStore) null, (x509CertificateArr, str) -> {
                    return true;
                });
                defaultRequestConfig.setSSLSocketFactory(new SSLConnectionSocketFactory(sSLContextBuilder.build(), NoopHostnameVerifier.INSTANCE));
            } catch (KeyManagementException e) {
                logger.error(e.getMessage(), e);
                throw new UnableToCreateHttpClientException(UNABLE_TO_HANDLE_SECURITY_KEYS);
            } catch (KeyStoreException e2) {
                logger.error(e2.getMessage(), e2);
                throw new UnableToCreateHttpClientException(UNABLE_TO_HANDLE_KEYSTORE);
            } catch (NoSuchAlgorithmException e3) {
                logger.error(e3.getMessage(), e3);
                throw new UnableToCreateHttpClientException(INVALID_ENCRYPTION_ALGORITHM);
            }
        }
        return defaultRequestConfig;
    }

    private void addProxySettings(ProxySettings proxySettings, HttpClientBuilder httpClientBuilder) {
        if (proxySettings == null || !ConnectorUtils.isNotEmpty(proxySettings.getHost())) {
            return;
        }
        httpClientBuilder.setProxy(new HttpHost(proxySettings.getHost(), proxySettings.getPort().intValue()));
        if (proxySettings.getUsername() == null || proxySettings.getPassword() == null) {
            return;
        }
        AuthScope authScope = new AuthScope(proxySettings.getHost(), proxySettings.getPort().intValue());
        Credentials nTCredentials = !ConnectorUtils.isStringNullOrEmpty(proxySettings.getNtlmDomain()) ? new NTCredentials(proxySettings.getUsername(), proxySettings.getPassword(), proxySettings.getHost(), proxySettings.getNtlmDomain()) : new UsernamePasswordCredentials(proxySettings.getUsername(), proxySettings.getPassword());
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        basicCredentialsProvider.setCredentials(authScope, nTCredentials);
        httpClientBuilder.setDefaultCredentialsProvider(basicCredentialsProvider);
    }

    public CloseableHttpClient createForKerberos(String str, boolean z, ProxySettings proxySettings) {
        HttpClientBuilder createHttpClientBuilder = createHttpClientBuilder(z, proxySettings);
        createHttpClientBuilder.setDefaultRequestConfig(RequestConfig.custom().setTargetPreferredAuthSchemes(Arrays.asList("Negotiate")).build());
        createHttpClientBuilder.setDefaultAuthSchemeRegistry(RegistryBuilder.create().register("Negotiate", new SharepointSPNegoSchemeFactory(str)).build());
        return createHttpClientBuilder.build();
    }
}
